Director, Information Security

Responsibilities

• Lead the Information Security function, overseeing security engineering delivery and day-to-day security operations.
• Translate regulatory, privacy, and risk requirements into effective, auditable technical controls.
• Own security operations including detection, response, and escalation, serving as Incident Commander during security events.
• Establish standard operating procedures, metrics, and automation to scale security operations reliably.
• Manage the security posture for enterprise and internal use of AI technologies, including data handling and monitoring.
• Directly manage information security managers and senior individual contributors, partnering with the CISO on hiring and team growth.
• Partner with GRC and Legal to support audits, assessments, and regulatory obligations.

Requirements

• 10+ years of experience in information security, security engineering, or security operations.
• 5+ years of experience managing managers and senior individual contributors.
• Proven leadership during high-impact security incidents and crisis situations.
• Experience partnering with managed security service providers (MSSPs) to drive outcome-based operations.
• Familiarity with regulatory frameworks including HIPAA, GDPR, and PCI.
• Demonstrated ability to design and scale security programs grounded in metrics and automation.

Preferred Qualifications

• Experience supporting healthcare, biometric, or other health-adjacent data environments.
• Background working within high-growth technology organizations.
• Relevant security certifications such as CISSP or CISM.

About the Company

WHOOP is on a mission to unlock human performance and healthspan. Our wearable technology provides personalized insights that help millions of members better understand their bodies and make smarter decisions about training, recovery, and lifestyle.